https://cerbos.dev logo
Join Slack
Powered by
Hey guys, is it possible to define values for glob...
# help
t
Hey guys, is it possible to define values for global variables inside the policy tests? In our policies we use global variables that are based on environment variables. Currently I am struggling a bit with testing these policies. The setup looks like this: The globals are defined inside the 
cerbos.yaml
configuration:
Copy code
...
engine:
  defaultPolicyVersion: 'default'
  globals:
    some_variable: ${SOME_ENV_VARIABLE}
...
The 
custom_policy.yaml
looks like this:
Copy code
apiVersion: api.cerbos.dev/v1
resourcePolicy:
  version: 'default'
  resource: some_resource
  rules:
    - actions: ['view']
      effect: EFFECT_ALLOW
      roles:
        - user
      condition:
        match:
          all:
            of:
              - expr: R.attr.some_field == true
              - expr: P.attr.some_attr == false
              - expr: G.some_variable == true
And the 
custom_policy_test.yaml
(in it's current state) looks like this:
Copy code
name: CustomTests
description: Tests for custom policy.

principals:
  someUser:
    id: u1
    roles:
      - user
    attr:
      some_attr: false

resources:
  someResource:
    id: restricted-network-request
    kind: some_resource
    policyVersion: default
    attr:
      some_field: true

tests:
  - name: Test custom policy
    input:
      principals:
        - someUser
      resources:
        - someResource
      actions:
        - view
    expected:
      - principal: someUser
        resource: someResource
        actions:
          view: EFFECT_ALLOW
The tests are executed with 
./cerbos compile --tests=/path_to_tests /path_to_policies
with Version 
0.30.0
c
Hey, thanks for raising this. There's currently no way to set global variables for tests -- which is an omission on our part. We'll fix that soon.
t
That is unfortunate. But thanks for the quick confirmation. Looking forward to seeing the support for it
e
Hey folks, I hope this message finds you well. Apologies for revisiting an older post, but I wanted to inquire if there have been any updates since then. We're currently facing a similar issue at our company and are keen to know if testing for global environmental variables has been implemented.
c
Hi, yes it's implemented. It will be in the next Cerbos release which will be out very soon.
👍 2
e
Awesome thank you so much!
c
We just released Cerbos 0.32.0 which includes support for defining 
globals
for test cases.
t
that was fast. Thank you
🙇 1
2 Views
Open in Slack
PreviousNext
Powered by